Yang Yu [Mon, 22 Jul 2013 06:14:36 +0000 (14:14 +0800)]
Prompted error message is not correct for PortNotFound
When deleting a non-existing port, the error message would be
"Port XXXX could not be found on network None" for some plugins.
"network None" is not correct enough here.
This patch removes the NVP call for creating a logical port from
the SQL transaction context used for creating the Neutron port.
It also ensures orphaned data are properly removed from both
the Neutron DB and the NVP backend.
snaiksat [Fri, 10 May 2013 04:31:17 +0000 (21:31 -0700)]
Firewall as a Service (FWaaS) APIs and DB Model
Implements: blueprint quantum-fwaas
blueprint: quantum-fwaas-plugin
This is the first iteration of the FWaaS implementation and
is geared towards implementing the model that will be
required to at least address the reference implementation.
This iteration will not include implementation of the following
features:
* grouping or dynamic objects
* application/service objects
Update Neutron rootwrap to the latest from oslo-incubator. This allows
to get rid of the DnsMasqFilter (which was already replaced by
EnvFilter) in preparation for the havana release, as well as get a few
bugfixes.
All the changes are coming directly from the Oslo "rootwrap" module
sync.
In the iptables firewall driver, each port method (update_port_filter,
prepare_port_filter, remove_port_filter) makes O(N) calls, where
N=len(firewall.ports), to IptablesManager methods that update dozens
of data structures. When the firewall methods are called in sequence,
e.g., by SecurityGroupAgentRpcMixin, the calls to IptablesManager's
methods start to add up.
This patch changes IptablesFirewallDriver to defer and coalesce calls
to IptablesManager. Now a sequence of M port method calls results in
O(N) calls to IptablesManager methods instead of O(N*M) as before.
Tom Fifield [Sun, 28 Jul 2013 18:35:01 +0000 (11:35 -0700)]
Update references with new Mailing List location
Yesterday, openstack@lists.launchpad.org was migrated with
all users to openstack@list.openstack.org.
This patch updates references to the old mailing list with the
new, to ensure that people encountering them don't accidentally
try and join the old list!
Fix creation of trusted queues for the NVP plugin.
Currently if an admin tries to create a trusted queue, Neutron will
fail with MissingDSCPForTrusted exception. However, the NVP semantic
is exactly the opposite, namely the DSCP field must be specified for
untrusted queues and omitted trusted ones.
Deal with intermittent OverflowError in gate-neutron-python26
This occurence looks like is related to a failure in
utils.execute. This patch attempts to deal with the error
by mocking out Popen.communicate altogether.
Gary Kotton [Thu, 20 Jun 2013 11:04:59 +0000 (11:04 +0000)]
Ensure that L3 managed port have status ACTIVE
Some plugins may set the port status as DOWN when it is created. This was not
updated when the port was actually up. This patch ensures that gateway and
router ports that are created will be set as ACTIVE when they are actually
up and running.
Ports that are attached to additional bridges in the OVS will only update the
port status as ACTIVE. There will be no tags set on the specific ports as this
will break the existing functionality.
* Defines logic and API for ServiceProvider - read-only entity
that admins provide in configuration and which is stored in memory
* ServiceType entity which maps to ServiceOfferings in new terms
is removed for now.
* Routed service insertion fixed to not to refer to service providers.
* In case configuration changes and some service providers are removed
then the resources must be cleanup in a special way (undeploy logical
resources). This is a matter of future work
* Add migration.
Jiajun Liu [Wed, 17 Jul 2013 03:00:23 +0000 (03:00 +0000)]
do not raise exception on ip address recycle operation
Currenty a exception will raise on ip address recycle operation if the ip
address doesn't belong to any allocation pool which will make user unable
to update port, even worse it will make user unable to create new port.
So do not raise exception if the ip address to be recycled doesn't belong
to any allocation, just delete it from the ip allocation table.
The latest dnsmasq no longer accepts hostnames which begin with a number. This
affects Fedora 19 right now, and will mean Fedora 19 will not work with Neutron
DHCP. dnsmasq should work with hostnames beginning with a number (RFC 1123 says
this is valid), but until this is fixed, many users will be left unable to use
Fedora 19 with Neutron.
This patch adds a "host-" prefix to each hostname entry generated by the DHCP
agent. This fixes the issue in Neutron.
Currently there is create_health_monitor() in the driver API so
a driver may create an object on device but there is no delete_health_monitor()
and monitor objects will remain on device forever.
Driver should at least call plugin to delete a db object.
Carl Baldwin [Tue, 16 Jul 2013 18:10:37 +0000 (18:10 +0000)]
Avoid refreshing firewall rules unnecessarily.
Adds a parameter to refresh_firewall allowing an array of ports to
be passed. If an array is passed then the firewall will be refreshed
only for those ports. If not passed, it will still refresh all
ports as it did before.
Oleg Bondarev [Wed, 29 May 2013 07:58:17 +0000 (11:58 +0400)]
Add agent scheduling for LBaaS namespace agent
- adds simple chance scheduling on create pool operation
- adds PoolsLoadbalancerAgentBinding db table
- adds lbaas_agentscheduler extension to list pools hosted by a particular agent
and to get an agent hosting a particular pool
- adds agent notifiers mapping to AgentSchedulerDbMixin to make it easier
for services to add their agent notifiers to the core plugin
Add support for the agent extension to NVP Plugin.
Of DHCP and L3 agents, NVP uses DHCP; This patch adds support
for the extension to this plugin.
This patch also moves some tests around, as a result of the
refactory done in https://review.openstack.org/#/c/35266/
Some code duplication is also removed.
Adin Scannell [Mon, 27 May 2013 17:21:42 +0000 (13:21 -0400)]
GRE tunnels should include local_ip.
This addresses the issue of having one or more multi-homed host.
Because you may only specify one local IP for a quantum agent, and
other hosts could be routed across different subnets (even for small
installations, for various reasons), it's important to also specify
the used local_ip when setting up the GRE tunnels. As long as the
address is routable on both ends, this will work. If the local_ip is
not specified, then traffic will mysteriously be dropped on one end
where the IP does not match the expected IP in the GRE tunnel.
Update the ML2 README file with the latest tunnel changes
The ML2 README file was slightly out of date with all of the H2 changes
which went in around GRE and VXLAN tunneling. This patch updates it to
reflect what the code is capable of currently.
Code Review / openstack-build / neutron-build.git / log